Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SV62Iml4UZs63W7Yitn3OgpjSAk.roa
File: SV62Iml4UZs63W7Yitn3OgpjSAk.roa (raw, json)
Hash identifier: qlwf54mJ8o6FiwwJ21N7BAO4yTr78jWR6yE+LP+l8c4=
Subject key identifier: 49:5E:B6:22:69:78:51:9B:3A:DD:6E:D8:8A:D9:F7:3A:0A:63:48:09
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC25FCE558FDFB0CA8323394C72126
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SV62Iml4UZs63W7Yitn3OgpjSAk.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 2a0f:bc01::/32 maxlen: 32
2a0f:bc03::/32 maxlen: 32
2a0f:bc07::/32 maxlen: 32
2a0f:bc04::/32 maxlen: 32
2a0f:bc05::/32 maxlen: 32
2a0f:bc06::/32 maxlen: 32
2a0f:bc02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:25:fc:e5:58:fd:fb:0c:a8:32:33:94:c7:21:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=495eb6226978519b3add6ed88ad9f73a0a634809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:84:f5:bb:db:9a:93:93:a9:d0:f1:22:89:f9:
ce:8c:9c:f6:f9:fc:f6:11:43:db:fa:14:fa:37:09:
ba:99:36:05:cf:2d:95:bc:d8:49:13:c9:08:17:f5:
11:2d:ef:2b:e7:e2:df:c9:98:c1:aa:49:34:d0:b2:
b4:bc:8f:c8:85:6b:a1:3c:ee:da:5c:1c:a9:9b:3c:
a3:f9:bb:f1:56:35:eb:04:28:e9:01:4c:75:a6:79:
79:d8:1a:e6:6e:c2:55:16:01:83:fb:3f:48:cf:c2:
57:9c:28:66:1a:49:7b:d8:84:6c:4e:ed:85:f8:5f:
3a:06:fb:93:68:a6:8e:8e:1d:1f:ff:84:5e:64:86:
b4:bb:0a:ce:e4:da:18:85:35:fd:95:74:bc:bb:7b:
e3:63:d2:4c:fc:f5:b0:1a:61:02:63:e1:61:25:a3:
82:21:3e:57:f2:fe:a2:73:04:82:48:09:ab:1b:2b:
56:60:21:7f:54:e4:48:b8:81:08:37:0c:c5:80:c7:
72:e8:95:89:84:96:d6:dc:d3:1e:63:95:6d:48:25:
a3:21:1a:49:c0:7b:27:9b:99:88:18:3f:4c:aa:2b:
1c:8a:f2:a2:a6:3c:0a:9c:a9:66:bf:b1:81:3e:c6:
ec:4d:89:23:6c:c9:60:c5:ad:bc:d3:79:b4:e8:aa:
b5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5E:B6:22:69:78:51:9B:3A:DD:6E:D8:8A:D9:F7:3A:0A:63:48:09
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SV62Iml4UZs63W7Yitn3OgpjSAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bc01::-2a0f:bc07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:e1:cf:6e:d7:00:7c:e1:65:aa:c6:19:8e:a7:72:e7:6b:eb:
4c:34:27:95:67:56:63:e1:ad:aa:0c:7c:80:18:fc:94:f2:f8:
06:92:49:9a:d7:86:66:98:bc:2f:8b:f1:97:3d:ba:16:76:88:
d7:5d:59:9f:f0:1a:6f:6c:4e:84:17:9a:06:57:ad:54:04:e1:
ec:ea:36:4a:60:dc:f1:9a:77:76:e9:b6:ef:d5:c1:60:ed:d5:
c8:37:52:70:37:c5:39:e3:ba:86:1e:65:0d:b0:ac:6a:ad:e9:
36:56:3a:f4:e7:1c:58:da:6c:8e:8a:27:4f:b0:bd:17:5a:8e:
17:44:fb:7e:9d:25:c5:7c:6f:be:54:3b:76:bd:de:48:5c:ec:
7b:f2:73:e1:7c:eb:9f:03:d2:f7:c0:3e:cc:e2:cb:5f:ff:22:
86:18:ea:cc:10:3e:18:db:0e:9e:62:6e:94:fe:9c:bf:36:e4:
9b:8a:82:fd:1f:8f:51:35:22:a6:6c:a7:95:2a:9d:c8:1d:dc:
5b:6f:2c:11:4c:80:e1:86:89:1d:95:d1:7e:9d:83:f9:1f:07:
fd:15:8d:84:89:37:f5:69:8c:e7:46:bb:f9:32:db:81:02:21:
9a:eb:a5:7b:0a:ef:5d:5a:c5:8d:28:8e:26:e4:4e:86:4f:a1:
4d:c5:28:de
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzJvCX85Vj9+wyoMjOUxyEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVlYjYyMjY5Nzg1MTliM2FkZDZlZDg4YWQ5ZjczYTBhNjM0ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIT1u9uak5Op0PEiifnOjJz2+fz2
EUPb+hT6Nwm6mTYFzy2VvNhJE8kIF/URLe8r5+LfyZjBqkk00LK0vI/IhWuhPO7a
XBypmzyj+bvxVjXrBCjpAUx1pnl52BrmbsJVFgGD+z9Iz8JXnChmGkl72IRsTu2F
+F86BvuTaKaOjh0f/4ReZIa0uwrO5NoYhTX9lXS8u3vjY9JM/PWwGmECY+FhJaOC
IT5X8v6icwSCSAmrGytWYCF/VORIuIEINwzFgMdy6JWJhJbW3NMeY5VtSCWjIRpJ
wHsnm5mIGD9MqiscivKipjwKnKlmv7GBPsbsTYkjbMlgxa2803m06Kq18wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEletiJpeFGbOt1u2IrZ9zoKY0gJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvU1Y2MkltbDRVWnM2M1c3WWl0bjNPZ3BqU0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqD7wB
AwUDKg+8ADANBgkqhkiG9w0BAQsFAAOCAQEAX+HPbtcAfOFlqsYZjqdy52vrTDQn
lWdWY+Gtqgx8gBj8lPL4BpJJmteGZpi8L4vxlz26FnaI111Zn/Aab2xOhBeaBlet
VATh7Oo2SmDc8Zp3dum279XBYO3VyDdScDfFOeO6hh5lDbCsaq3pNlY69OccWNps
joonT7C9F1qOF0T7fp0lxXxvvlQ7dr3eSFzse/Jz4XzrnwPS98A+zOLLX/8ihhjq
zBA+GNsOnmJulP6cvzbkm4qC/R+PUTUipmynlSqdyB3cW28sEUyA4YaJHZXRfp2D
+R8H/RWNhIk39WmM50a7+TLbgQIhmuulewrvXVrFjSiOJuROhk+hTcUo3g==
-----END CERTIFICATE-----
Generated at Sat May 4 03:12:34 2024 by rpki-client on console-fra.rpki-client.org